Department of Health and Human Services – Role-Based IT Training for Administrators
3.2 3.2.1 3.2.2 Awareness and Training
https://www.hhs.gov/sites/default/files/hhs-etc/rbt-it-training/index.html
This security training from the HHS is an example of requirements and guidance to provide appropriate role-based security training.
Environmental Protection Agency Information Security – Awareness and Training Procedures
3.2 3.2.1 3.2.2 Awareness and Training
https://19january2017snapshot.epa.gov/sites/production/files/2016-01/documents/cio_2150-p-02.2.pdf
The purpose of this example procedure from the EPA is to help with implementing the security control requirements for the Awareness and Training (AT) control family.
https://www.knowbe4.com/free-it-security-tools
KnowBe4 is a large security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.
NIST SP 800-50 Building an Information Technology Security Awareness & Training Program
3.2 3.2.1 3.2.2 Awareness and Training
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-50.pdf
This NIST Special Publication provides guidance for building an effective security program.
https://go.proofpoint.com/Phishing-Awareness-Kit.html
Proofpoint Security Awareness Training is offering a free Phishing Awareness Kit. This kit gives you the tools you need to engage your users and turn them into a strong line of defense against phishing attacks and other cyber threats.
SANS Whitepaper – Developing an Integrated Security Training, Awareness, and Education Program
3.2 3.2.1 3.2.2 Awareness and Training
https://www.sans.org/white-papers/1160/
This SANS whitepaper describes how to successfully implement a comprehensive Security Training, Awareness, and Education program.
https://securityawareness.usalearning.gov/cybersecurity/index.htm
This course introduces the threats and vulnerabilities faced when working within the government or defense industrial systems.
The National Initiative for Cybersecurity Careers and Studies (NICCS) Catalog
3.2 3.2.1 3.2.2 Awareness and Training
https://niccs.cisa.gov/education-training/catalog
The NICCS Education and Training Catalog is a central location where cybersecurity professionals across the nation can find over 3,000 cybersecurity-related courses.
The University of Arizona – Acceptable Use for System Administrators Policy
3.2 3.2.1 3.2.2 Awareness and Training
https://policy.arizona.edu/information-technology/acceptable-use-system-administrators-policy
This document is an example of an Acceptable Use for System Administrators Policy from the University of Arizona.
U.S. Department of Health & Human Service Security Awareness and Training
3.2 3.2.1 3.2.2 Awareness and Training
https://www.hhs.gov/about/agencies/asa/ocio/cybersecurity/security-awareness-training/index.html
This resource provides general awareness and role-based information security training documents.